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Amendment to the Claims 

This listing of claims will replace all prior versions, and listings, of claims in the application: 
Listing of the Claims 

Claim 1 (currently amended): A method of managing consent between a client and a network 
server, said client and said network server being coupled to a data communication network, said 
network server providing a service to a user via the client, said client operating a browser 
configured to permit the user to communicate on the data communication network, said method 
comprising: 

maintaining a user profile associated with the user; 

receiving a request from the service provided by the network server for user information 
associated with the user and for consent to use the requested user information; 

determining, in response to the request for consent, if the requested user information is 
included in the user profile; 

providing a user interface via the browser to collect the requested user information that is 
not included in the user profile from the user; 

receiving the user information provided by the user via the user interface; 

updating the user profile with the received user information; and 

allowing access by the service to the received user information. 

Claim 2 (canceled). 

Claim 3 (original): The method of claim 1, further comprising allowing, in response to the 
request for consent, access by the service to the requested user information if the user 
information is included in the user profile. 

Claim 4 (original): The method of claim 1, wherein the user profile is being maintained by a 
central server, said central server being coupled to the data communication network, and wherein 
the user interface is being provided by the central server and displays user information 
previously included in the user profile. 
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Claim 5 (original): The method of claim 1, wherein the user interface displays a user-selectable 
option for viewing intention information associated with the requested user information, said 
intention information describing how the requested user information will be used by the service 
provided by the network server. 

Claim 6 (original): The method of claim 5, further comprising providing an intention user 
interface via the browser for displaying the intention information, said intention user interface 
being provided in response to the user-selectable option being selected by the user. 

Claim 7 (original): The method of claim 6, wherein said intention user interface further displays 
retention information associated with the requested user information, said retention information 
specifying how long the requested user information will be retained by the service provided by 
the network server. 

Claim 8 (original): The method of claim 6, wherein the service provided by the network server is 
a member of a policy group, and wherein said intention user interface further displays a list of 
members of said policy group. 

Claim 9 (original): The method of claim 8, wherein said intention user interface further displays 
a second user-selectable option for viewing a privacy policy associated with said policy group, 
said privacy policy relating to how user information that the policy group is granted consent to 
use is to be protected. 

Claim 10 (original): The method of claim 9, further comprising providing a policy user interface 
via the browser for displaying the privacy policy, said policy user interface being provided in 
response to the second user-selectable option being selected by the user. 

Claim 1 1 (original): The method of claim 1, wherein the service provided by the network is 
granted consent to use user information included in the user profile. 



4 



MS#304546.01(5098) 



Claim 12 (original): The method of claim 11, further comprising providing a revocation user 
interface via the browser for allowing the user to revoke consent for the service provided by the 
network server to use the user information included in the user profile, said revocation user 
interface displaying a list of services for which the user has granted consent to use the user 
information included in the user profile. 

Claim 13 (original): The method of claim 12, wherein said revocation user interface further 
displays a user-selectable option for revoking consent for the service provided by the network 
server to use the user information included in the user profile. 

Claim 14 (original): The method of claim 13, further comprising revoking consent for the service 
provided by the network server to use the user information included in the user profile in 
response to the user-selectable option being selected by the user. 

Claim 15 (original): The method of claim 1, further comprising providing an administrator user 
interface to a responsible person of the user in response to said receiving the user information 
provided by the user, said another user interface allowing the responsible person of the user to 
grant consent for the service provided by the network server to use the received user information. 

Claim 16 (original): The method of claim 15, wherein said allowing access by the service to the 
received user information comprises allowing access by the service to the received user 
information if consent for the service to use the received user information is granted by said 
responsible person. 

Claim 17 (original): The method of claim 15, wherein said responsible person is a parent of the 
user. 

Claim 18 (currently amended): The method of claim 1, wherein one or more computer-readable 
storage media have computer-executable instructions for performing the method recited in claim 



Claim 19 (currently amended): An authentication system comprising: 
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an authentication server coupled to a data communication network , said authentication 
server including processor for executing computer-executable instructions ; 

an authentication database associated with the authentication server, said authentication 
database being configured to execute computer-executable instructions for store storing 
authentication information for comparison to login information provided by a user for 
authenticating the user, said authentication database further being configured to execute 
computer-executable instructions for s tore- storing user-specific information identifying the user 
with respect to one or more services provided by at loast ono a plurality of affiliate servers 
coupled to the data communication network, said affiliate servers each b eing configured to 
execute computer-executable instructions for provide providing the one or more services to the 
user via a client coupled to the data communication network; 

said authentication server being configured to execute computer executable instructions 
forte receiv[[e]]ing a first request from the user for a service to be provided by the -a first affiliate 
serve r, said second affiliate server being one of the plurality of affiliate servers , said 
authentication server further being configured to execute computer executable instructions for 
authenticate authenticating the user responsive to the request when login information retrieved 
from the user via the data communication network matches the authentication information stored 
in the authentication database; 

said authentication server being further configured to execute computer executable 
instructions for maintaining a user profile storing the user-specific information , said user profile 
comprising a plurality of profile attributes , to receive a first request from the requested service 
for user information a first profile attribute associated with the profile of the u ser and consent to 
use the requested user information first profile attribute wherein the consent is limited to the first 
service , te-determin[[e]]ing if the requested user information first profile attribute is stored in the 
user profile in response to the first request for consent; and 

said authentication server being further configured to execute computer executable 
instructions for provide providing a user interface to collect the requested user information first 
profile attribute that is not stored in the user profile from the user, to receive receiving the first 
profile attribute user information p rovided by the user via the user interface in response, and to 
allowing access by the requested service to the received first profile attribute user information ; 
and 
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said authentication server being further configured to execute computer executable 
instructions for updating the user profile with the received first profile attribute; 

wherein the authentication server being configured to execute computer executable 
instructions for receiving a second request from the user for a second service to be provided by a 
second affiliate server, said second affiliate server being one of the plurality of affiliate servers, 
said authentication server further being configured to execute computer executable instructions 
for authenticating the user responsive to the second request when login information retrieved 
from the user via the data communication network matches the authentication information stored 
in the authentication database; 

the authentication server is configured to execute computer executable instructions for 
receiving a request from the requested second service for a second profile attribute associated 
with the profile of the user and consent to use the requested second profile attribute wherein the 
consent is limited to the second service, to determine if the requested second profile attribute is 
stored in the user profile in response to the request for consent; 

said authentication server being further configured to execute computer executable 
instructions for providing a user interface to collect the requested second profile attribute that is 
not stored in the user profile from the user, receiving the second profile attribute provided by the 
user via the user interface in response, and allowing access by the requested second service to the 
received second profile attribute; and 

said authentication server being further configured to execute computer executable 
instructions for updating the user profile with the received second profile attribute . 

Claim 20 (canceled). 

Claim 21 (currently amended): The system of claim 19, wherein the authentication server is 
configured to execute computer executable instructions for allowing, in response to the first 
request for consent, access by the requested service to the requested first profile attribute u ser 
information if the first profile user information is attribute is stored in the user profile. 



Claim 22 (original): The system of claim 19, wherein the user interface provided by the 
authentication server displays the user-specific information previously stored in the user profile. 
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Claim 23 (currently amended): The system of claim 19, wherein the user interface provided by 
the authentication server displays a user-selectable option for viewing intention information 
associated with the requested first profile attribute user information , said intention information 
describing how the requested first profile attribute user information w ill be used by the requested 
service. 

Claim 24 (currently amended): The system of claim 23, wherein the authentication server is 
configured to execute computer executable instructions for provide p roviding an intention user 
interface for displaying the intention information, said intention user interface being provided by 
the authentication server in response to the user-selectable option being selected by the user. 

Claim 25 (currently amended): The system of claim 24, wherein said intention user interface 
further displays retention information associated with the requested first profile attribute u ser 
information , said retention information specifying how long the requested first profile attribute 
user information will be retained by the requested service. 

Claim 26 (original): The system of claim 24, wherein the requested service is a member of a 
policy group, and wherein said intention user interface further displays a list of members of said 
policy group. 

Claim 27 (currently amended): The system of claim 19, wherein the requested service is granted 
consent to use the user-specific information stored in the user profile. 

Claim 28 (currently amended): The system of claim 27, wherein the authentication server is 
configured to execute computer executable instructions for provide p roviding a revocation user 
interface for allowing the user to revoke consent for the requested service to use the user-specific 
information stored in the user profile, said revocation user interface displaying a list of services 
that the user has granted consent to use the user-specific information stored in the user profile. 
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Claim 29 (currently amended): The system of claim 28, wherein said revocation user interface 
further displays a user-selectable option for revoking consent for the requested service to use the 
user-specific information stored in the user profile wherein the authentication server is 
configured to execute computer-executable instructions for to revoke consent for the requested 
service to use the user-specific information stored in the user profile in response to the use- 
selectable option being selected by the user . 

Claim 30 (canceled). 

Claim 31 (currently amended): The system of claim 19, wherein the authentication server is 
configured to execute computer executable instructions for provide p roviding an administrator 
user interface to a responsible person of the user in response to the received first profile attribute 
user information , said administrator user interface allowing the responsible person of the user to 
grant consent for the requested service to use the received first profile attribute user information . 

Claim 32 (currently amended): The system of claim 31, wherein the authentication server is 
configured to execute computer executable instructions for allow ing access by the requested 
service to the received first profile attribute user information if consent for the requested service 
to use the received first profile attribute user informatio n is granted by said responsible person. 

Claim 33 (currently amended): One or more computer-readable storage media having computer- 
executable components for managing consent between a client and at least one network server, 
said client and said network server being coupled to a data communication network, said 
network server providing a plurality of service services t o a user via the client, said services 
being members of a policy group, said computer-readable media comprising: 

a profiling component for storing user-specific information associated with the user; 

a consent component for receiving a request from the -a first service provided by the 
network server for user information associated with the user and for consent to use the requested 
user information , said first service being a member of a first policy group , said consent 
component further determining if the requested user information is stored in the profiling 
component in response to the request for consent; 
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a user interface component for collecting the requested user information that is not 
included in the profiling component from the user; and 

wherein the consent component is configured to receive the requested user information 
provided by the user via the user interface component; to store the received user information in 
the profiling component; a nd-to allow access by-the -to each member service of the first policy 
group t o the received user informatio n; and to deny access by each service which is not a 
member of the first policy group to the received user information . 

Claim 34 (canceled). 

Claim 35 (currently amended): The computer-readable storage media of claim 33, wherein the 
user interface component is configured to display the user-specific information previously stored 
in the profiling component. 

Claim 36 (currently amended): The computer-readable storage media of claim 33, further 
comprising a reviewing component for displaying intention information associated with the user 
information, said intention information describing how the user information will be used by the 
first service provided by the network server. 

Claim 37 (currently amended): The computer-readable storage media of claim 36, wherein the 
reviewing component is configured to display retention information associated with the user 
information, said retention information specifying how long the user information will be retained 
by the first service provided by the network server. 

Claim 38 (currently amended): The computer-readable storage media of claim 36, wherein the 
service provided by the network server is a member of a policy group, and wherein the reviewing 
component is configured to display a list of membe r service s of said policy group. 

Claim 39 (currently amended): The computer-readable storage media of claim 33, further 
comprising a revoking component for allowing the user to revoke consent for the first service 
provided by the network server to use the user-specific information stored in the profiling 
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component, said revoking component displaying a list of member services that the user has 
granted consent to use the user-specific information stored in the profiling component. 

Claim 40 (currently amended): The computer- readable storage media of claim 33, further 
comprising a managed-consent component for providing the received user information to a 
responsible person of the user to allow the responsible person of the user to grant consent for the 
first service provided by the network server to use the received user information. 



